Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5307
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
NA
CVE-2024-5511
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ...
NA
CVE-2024-5512
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
NA
CVE-2024-5268
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SMB2 messages. The issu...
NA
CVE-2024-36845
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows malicious users to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
NA
CVE-2024-33998
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.
NA
CVE-2024-33997
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation.
NA
CVE-2024-33999
The referrer URL used by MFA required additional sanitizing, rather than being used directly.
NA
CVE-2024-34000
ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.
4 Articles
NA
CVE-2024-34001
Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »